Security News

Details of RCE Bug in Adobe Experience Manager Revealed
2021-06-29 11:34

Details of an Adobe zero-day bug found in its content-management solution Adobe Experience Manager, which affected customers ranging from Mastercard, LinkedIn and PlayStation, were revealed Monday. Researchers in the ethical-hacking community Detectify Crowdsource identified the flaw in the CRX Package Manager component of Adobe's AEM. AEM is an enterprise-class tool for creating and managing websites, mobile apps and online forums.

Adobe Patches Major Security Flaws in PDF Reader, Photoshop
2021-06-08 17:28

Adobe's product security response machine revved into high gear this week with the release of multiple patches for gaping security holes in widely deployed software products. According to the San Jose, Calif. software maker, this month's batch of patches address a swathe of potentially dangerous vulnerabilities in Adobe Acrobat and Reader, Adobe Photoshop, and the ever-present Adobe Creative Cloud Desktop Application.

Adobe issues security updates for 41 vulnerabilities in 10 products
2021-06-08 16:48

Adobe has released a giant Patch Tuesday security update release that fixes vulnerabilities in ten applications, including Adobe Acrobat, Reader, and Photoshop. Out of all the Adobe security updates released today, Adobe After Effects had the most fixes, with 16 vulnerabilities.

Microsoft, Adobe Exploits Top List of Crooks’ Wish List
2021-05-18 12:32

You can't possibly patch all CVEs, so focus on the exploits crooks are willing to pay for, as tracked in a study of the underground exploit market. A year-long study into the underground market for exploits in cybercriminal forums shows that crooks are salivating for Microsoft bugs, which are far and away the most requested and most sold exploits.

May 2021 Patch Tuesday: Adobe fixes exploited Reader 0-day, Microsoft patches 55 holes
2021-05-12 08:40

Adobe has fixed a Reader flaw exploited in attacks in the wild, as well as delivered security updates for eleven other products, including Magento, Adobe InDesign, Adobe After Effects, Adobe Creative Cloud Desktop Application, and others. Microsoft has plugged 55 security holes, none actively exploited.

Alert: Hackers Exploit Adobe Reader 0-Day Vulnerability in the Wild
2021-05-11 23:42

Adobe has released Patch Tuesday updates for the month of May with fixes for multiple vulnerabilities spanning 12 different products, including a zero-day flaw affecting Adobe Reader that's actively exploited in the wild. In a security bulletin, the company acknowledged it received reports that the flaw "Has been exploited in the wild in limited attacks targeting Adobe Reader users on Windows." Tracked as CVE-2021-28550, the zero-day concerns an arbitrary code execution flaw that could allow adversaries to execute virtually any command on target systems.

Hackers Leverage Adobe Zero-Day Bug Impacting Acrobat Reader
2021-05-11 18:38

A patch for Adobe Acrobat, the world's leading PDF reader, fixes a vulnerability under active attack affecting both Windows and macOS systems that could lead to arbitrary code execution. Adobe is warning customers of a critical zero-day bug actively exploited in the wild that affects its ubiquitous Adobe Acrobat PDF reader software.

Adobe fixes Reader zero-day vulnerability exploited in the wild
2021-05-11 16:28

Adobe has released a massive Patch Tuesday security update release that fixes vulnerabilities in twelve different applications, including one actively exploited vulnerability Adobe Reader. Of particular concern, Adobe warns that one of the Adobe Acrobat and Reader vulnerabilities tracked as CVE-2021-28550 has been exploited in the wild in limited attacks against Adobe Reader on Windows devices.

Adobe: Windows Users Hit by PDF Reader Zero-Day
2021-05-11 15:53

Adobe on Tuesday warned that a gaping security hole in one of the most widely deployed software products has been exploited in the wild in "Limited attacks targeting Adobe Reader users on Windows." Adobe's confirmation of the zero-day attack was buried in a security bulletin that documents at least 11 security vulnerabilities affected Adobe Acrobat and Reader on both Windows and MacOS platforms.

Adobe Releases Open Source Anomaly Detection Tool "OSAS"
2021-04-27 13:29

Adobe this week announced the open-source availability of 'One-Stop Anomaly Shop', a new tool designed to help security teams discover anomalies in datasets. Building on previous research, white papers, and other projects from Adobe's Security Intelligence Team, OSAS out-of-the-box allows researchers to experiment with datasets, control data processing and feature combining, and help identify a solution for detecting security threats.